Warning: Permanently added '10.128.1.72' (ED25519) to the list of known hosts.
2026/06/06 02:19:59 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 114.733315][ T4788] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 117.530453][ T4828] chnl_net:caif_netlink_parms(): no params data found
[ 117.594916][ T4828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.604299][ T4828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.612882][ T4828] device bridge_slave_0 entered promiscuous mode
[ 117.623487][ T4828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.630933][ T4828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.640623][ T4828] device bridge_slave_1 entered promiscuous mode
[ 117.672900][ T4828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 117.686162][ T4828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 117.720906][ T4828] team0: Port device team_slave_0 added
[ 117.729665][ T4828] team0: Port device team_slave_1 added
[ 117.757717][ T4828] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 117.766270][ T4828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 117.793599][ T4828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 117.806299][ T4828] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 117.814641][ T4828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 117.842615][ T4828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 117.882638][ T4828] device hsr_slave_0 entered promiscuous mode
[ 117.890004][ T4828] device hsr_slave_1 entered promiscuous mode
[ 118.709680][ T4828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 118.719889][ T4828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 118.730350][ T4828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 118.740831][ T4828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 118.814379][ T4828] 8021q: adding VLAN 0 to HW filter on device bond0
[ 118.831644][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 118.842226][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 118.853587][ T4828] 8021q: adding VLAN 0 to HW filter on device team0
[ 118.866166][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.875976][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.887004][ T1438] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.894355][ T1438] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.914224][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 118.924861][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.934666][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.945619][ T1438] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.952897][ T1438] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.963665][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.973072][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 119.019929][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 119.030267][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 119.050112][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.060846][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 119.070437][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 119.082556][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 119.092026][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.101541][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.110504][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.122538][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.325887][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 119.335460][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 119.349838][ T4828] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.394946][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 119.404487][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 119.423839][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 119.434344][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 119.446266][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 119.454469][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 119.466500][ T4828] device veth0_vlan entered promiscuous mode
[ 119.523614][ T4828] device veth1_vlan entered promiscuous mode
[ 119.550196][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 119.560540][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 119.571379][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 119.580857][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 119.592521][ T4828] device veth0_macvtap entered promiscuous mode
[ 119.625771][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 119.637322][ T4828] device veth1_macvtap entered promiscuous mode
[ 119.667752][ T4828] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 119.677301][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 119.694822][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 119.707600][ T4828] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 119.718887][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 119.727770][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 119.755222][ T4828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.768316][ T4828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.777071][ T4828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 119.788299][ T4828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.780106][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.787988][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.817238][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 120.851791][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.860394][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.869113][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2026/06/06 02:20:11 executed programs: 0
[ 122.401200][ T157] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 122.617238][ T4999] chnl_net:caif_netlink_parms(): no params data found
[ 122.682961][ T4999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 122.690226][ T4999] bridge0: port 1(bridge_slave_0) entered disabled state
[ 122.698896][ T4999] device bridge_slave_0 entered promiscuous mode
[ 122.707463][ T4999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 122.715234][ T4999] bridge0: port 2(bridge_slave_1) entered disabled state
[ 122.724912][ T4999] device bridge_slave_1 entered promiscuous mode
[ 122.754018][ T4999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 122.765651][ T4999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 122.797302][ T4999] team0: Port device team_slave_0 added
[ 122.807956][ T4999] team0: Port device team_slave_1 added
[ 122.833351][ T4999] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 122.840587][ T4999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 122.866940][ T4999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 122.880563][ T4999] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 122.887551][ T4999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 122.916641][ T4999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 122.965835][ T4999] device hsr_slave_0 entered promiscuous mode
[ 122.976676][ T4999] device hsr_slave_1 entered promiscuous mode
[ 122.985897][ T4999] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 122.996656][ T4999] Cannot create hsr debugfs directory
[ 124.559075][ T4873] Bluetooth: hci0: command 0x0409 tx timeout
[ 125.265692][ T157] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.354607][ T157] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 125.410575][ T157] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.227240][ T4999] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 126.238695][ T4999] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 126.249296][ T4999] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 126.276287][ T4999] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 126.423122][ T4999] 8021q: adding VLAN 0 to HW filter on device bond0
[ 126.441016][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 126.454035][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 126.466493][ T4999] 8021q: adding VLAN 0 to HW filter on device team0
[ 126.497603][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 126.506681][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 126.517077][ T1438] bridge0: port 1(bridge_slave_0) entered blocking state
[ 126.524275][ T1438] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 126.573992][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 126.584349][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 126.597425][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 126.606987][ T1438] bridge0: port 2(bridge_slave_1) entered blocking state
[ 126.614173][ T1438] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 126.626634][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 126.636375][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 126.638573][ T4217] Bluetooth: hci0: command 0x041b tx timeout
[ 126.650827][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 126.661546][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 126.695032][ T4999] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 126.710556][ T4999] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 126.724890][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 126.736742][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 126.746887][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 126.759550][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 126.769250][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 126.777858][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 126.786898][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 126.795771][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 126.898416][ T157] device hsr_slave_0 left promiscuous mode
[ 126.904810][ T157] device hsr_slave_1 left promiscuous mode
[ 126.917527][ T157] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 126.929468][ T157] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 126.937439][ T157] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 126.948942][ T157] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 126.956921][ T157] device bridge_slave_1 left promiscuous mode
[ 126.964614][ T157] bridge0: port 2(bridge_slave_1) entered disabled state
[ 126.975434][ T157] device bridge_slave_0 left promiscuous mode
[ 126.983277][ T157] bridge0: port 1(bridge_slave_0) entered disabled state
[ 126.995611][ T157] device veth1_macvtap left promiscuous mode
[ 127.001846][ T157] device veth0_macvtap left promiscuous mode
[ 127.008011][ T157] device veth1_vlan left promiscuous mode
[ 127.013919][ T157] device veth0_vlan left promiscuous mode
[ 127.192274][ T157] team0 (unregistering): Port device team_slave_1 removed
[ 127.209613][ T157] team0 (unregistering): Port device team_slave_0 removed
[ 127.223235][ T157] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 127.240868][ T157] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 127.300026][ T157] bond0 (unregistering): Released all slaves
[ 127.344576][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 127.352576][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 127.365709][ T4999] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 127.387039][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 127.396359][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 127.421974][ T4999] device veth0_vlan entered promiscuous mode
[ 127.432715][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 127.441797][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 127.453771][ T4999] device veth1_vlan entered promiscuous mode
[ 127.461488][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 127.470642][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 127.479359][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 127.507774][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 127.517278][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 127.531236][ T4999] device veth0_macvtap entered promiscuous mode
[ 127.543345][ T4999] device veth1_macvtap entered promiscuous mode
[ 127.563685][ T4999] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 127.572318][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 127.581449][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 127.590260][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 127.600377][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 127.612298][ T4999] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 127.620840][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 127.630297][ T1438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 127.642561][ T4999] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 127.652699][ T4999] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 127.661733][ T4999] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 127.671222][ T4999] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 127.725315][ T1438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.736431][ T1438] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 127.744729][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/06/06 02:20:17 executed programs: 2
[ 127.776869][ T5229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 127.785763][ T5229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 127.796265][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 128.105310][ T5231] loop0: detected capacity change from 0 to 32768
[ 128.272959][ T5231]
[ 128.272959][ T5231] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 128.272959][ T5231]
[ 128.327284][ T5231] read_mapping_page failed!
[ 128.332566][ T5231] ERROR: (device loop0): txCommit:
[ 128.332566][ T5231]
[ 128.361413][ T5231] read_mapping_page failed!
[ 128.366310][ T5231] ERROR: (device loop0): txCommit:
[ 128.366310][ T5231]
[ 128.377388][ T5231] ==================================================================
[ 128.385807][ T5231] BUG: KASAN: slab-out-of-bounds in dtInsertEntry+0xd74/0x1270
[ 128.393500][ T5231] Read of size 4 at addr ffff88806ea7c04c by task syz.0.17/5231
[ 128.401167][ T5231]
[ 128.403543][ T5231] CPU: 0 PID: 5231 Comm: syz.0.17 Not tainted syzkaller #0
[ 128.410776][ T5231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 128.420908][ T5231] Call Trace:
[ 128.424220][ T5231]
[ 128.427176][ T5231] dump_stack_lvl+0x188/0x250
[ 128.431885][ T5231] ? show_regs_print_info+0x20/0x20
[ 128.437155][ T5231] ? _printk+0xda/0x130
[ 128.441359][ T5231] ? load_image+0x400/0x400
[ 128.445889][ T5231] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 128.451924][ T5231] print_address_description+0x60/0x2d0
[ 128.457599][ T5231] ? dtInsertEntry+0xd74/0x1270
[ 128.462498][ T5231] kasan_report+0xdf/0x130
[ 128.466970][ T5231] ? dtInsertEntry+0xd74/0x1270
[ 128.471870][ T5231] dtInsertEntry+0xd74/0x1270
[ 128.476648][ T5231] dtSplitPage+0x2501/0x3200
[ 128.481349][ T5231] dtInsert+0xff4/0x5830
[ 128.485637][ T5231] ? lockdep_hardirqs_on+0x94/0x140
[ 128.490893][ T5231] ? UniStrupr+0x2e0/0x2e0
[ 128.495513][ T5231] ? do_raw_spin_lock+0x128/0x2f0
[ 128.500567][ T5231] ? __rwlock_init+0x140/0x140
[ 128.505399][ T5231] jfs_create+0x730/0xad0
[ 128.509779][ T5231] ? jfs_lookup+0x420/0x420
[ 128.514317][ T5231] ? jfs_get_parent+0xa0/0xa0
[ 128.519051][ T5231] ? make_kgid+0x660/0x660
[ 128.523502][ T5231] ? generic_permission+0x230/0x510
[ 128.528742][ T5231] ? inode_permission+0xef/0x480
[ 128.533712][ T5231] ? bpf_lsm_inode_create+0x5/0x10
[ 128.538863][ T5231] ? security_inode_create+0xb3/0x100
[ 128.544282][ T5231] ? jfs_lookup+0x420/0x420
[ 128.548819][ T5231] path_openat+0x11db/0x2fa0
[ 128.553478][ T5231] ? do_filp_open+0x410/0x410
[ 128.558201][ T5231] do_filp_open+0x1e2/0x410
[ 128.562834][ T5231] ? vfs_tmpfile+0x300/0x300
[ 128.567525][ T5231] ? _raw_spin_unlock+0x24/0x40
[ 128.572416][ T5231] ? alloc_fd+0x598/0x630
[ 128.576803][ T5231] do_sys_openat2+0x150/0x4b0
[ 128.581517][ T5231] ? __lock_acquire+0x7d10/0x7d10
[ 128.586591][ T5231] ? do_sys_open+0xe0/0xe0
[ 128.591142][ T5231] ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 128.597176][ T5231] ? lock_chain_count+0x20/0x20
[ 128.602090][ T5231] ? vtime_user_exit+0x2c8/0x3e0
[ 128.607105][ T5231] __x64_sys_openat+0x135/0x160
[ 128.612019][ T5231] do_syscall_64+0x4c/0xa0
[ 128.616483][ T5231] ? clear_bhb_loop+0x30/0x80
[ 128.621197][ T5231] ? clear_bhb_loop+0x30/0x80
[ 128.625926][ T5231] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 128.631983][ T5231] RIP: 0033:0x7f995140def9
[ 128.636443][ T5231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 128.656096][ T5231] RSP: 002b:00007f9950a71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 128.664573][ T5231] RAX: ffffffffffffffda RBX: 00007f9951678fa0 RCX: 00007f995140def9
[ 128.672594][ T5231] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 128.680597][ T5231] RBP: 00007f99514a2ee0 R08: 0000000000000000 R09: 0000000000000000
[ 128.688627][ T5231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 128.696632][ T5231] R13: 00007f9951679038 R14: 00007f9951678fa0 R15: 00007ffe10afe998
[ 128.704698][ T5231]
[ 128.707756][ T5231]
[ 128.710105][ T5231] Allocated by task 5231:
[ 128.714472][ T5231] __kasan_slab_alloc+0x9c/0xd0
[ 128.718404][ T4408] Bluetooth: hci0: command 0x040f tx timeout
[ 128.719365][ T5231] slab_post_alloc_hook+0x4c/0x380
[ 128.730500][ T5231] kmem_cache_alloc+0x100/0x290
[ 128.735391][ T5231] jfs_alloc_inode+0x17/0x50
[ 128.740013][ T5231] iget_locked+0x191/0x820
[ 128.744469][ T5231] jfs_iget+0x20/0x3f0
[ 128.748571][ T5231] jfs_lookup+0x21d/0x420
[ 128.752961][ T5231] __lookup_slow+0x29d/0x410
[ 128.757593][ T5231] lookup_slow+0x53/0x70
[ 128.761874][ T5231] walk_component+0x319/0x460
[ 128.766761][ T5231] path_lookupat+0x169/0x440
[ 128.771388][ T5231] filename_lookup+0x214/0x540
[ 128.776189][ T5231] user_path_at_empty+0x40/0x190
[ 128.781424][ T5231] __se_sys_chdir+0x98/0x280
[ 128.786240][ T5231] do_syscall_64+0x4c/0xa0
[ 128.790693][ T5231] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 128.797051][ T5231]
[ 128.799395][ T5231] The buggy address belongs to the object at ffff88806ea7b780
[ 128.799395][ T5231] which belongs to the cache jfs_ip of size 2240
[ 128.813233][ T5231] The buggy address is located 12 bytes to the right of
[ 128.813233][ T5231] 2240-byte region [ffff88806ea7b780, ffff88806ea7c040)
[ 128.827069][ T5231] The buggy address belongs to the page:
[ 128.832740][ T5231] page:ffffea0001ba9e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6ea78
[ 128.842921][ T5231] head:ffffea0001ba9e00 order:3 compound_mapcount:0 compound_pincount:0
[ 128.851278][ T5231] memcg:ffff888023f25501
[ 128.855563][ T5231] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 128.863599][ T5231] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff88801de95280
[ 128.872229][ T5231] raw: 0000000000000000 00000000800d000d 00000001ffffffff ffff888023f25501
[ 128.880834][ T5231] page dumped because: kasan: bad access detected
[ 128.887290][ T5231] page_owner tracks the page as allocated
[ 128.893128][ T5231] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5231, ts 128249087600, free_ts 92114249230
[ 128.915235][ T5231] get_page_from_freelist+0x1bbd/0x1ca0
[ 128.920828][ T5231] __alloc_pages+0x1ee/0x480
[ 128.925458][ T5231] new_slab+0xc0/0x4b0
[ 128.929639][ T5231] ___slab_alloc+0x80a/0xdd0
[ 128.934344][ T5231] kmem_cache_alloc+0x195/0x290
[ 128.939361][ T5231] jfs_alloc_inode+0x17/0x50
[ 128.943996][ T5231] new_inode_pseudo+0x5f/0x210
[ 128.948880][ T5231] new_inode+0x25/0x1c0
[ 128.953058][ T5231] jfs_fill_super+0x398/0xb00
[ 128.957914][ T5231] mount_bdev+0x287/0x3c0
[ 128.962386][ T5231] legacy_get_tree+0xe6/0x180
[ 128.967101][ T5231] vfs_get_tree+0x88/0x270
[ 128.971544][ T5231] do_new_mount+0x24a/0xa40
[ 128.976105][ T5231] __se_sys_mount+0x2e3/0x3d0
[ 128.980984][ T5231] do_syscall_64+0x4c/0xa0
[ 128.985431][ T5231] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 128.991537][ T5231] page last free stack trace:
[ 128.996231][ T5231] free_unref_page_prepare+0x637/0x6c0
[ 129.001719][ T5231] free_unref_page+0x8f/0x2a0
[ 129.006422][ T5231] __unfreeze_partials+0x1a5/0x200
[ 129.011554][ T5231] put_cpu_partial+0x12d/0x190
[ 129.016344][ T5231] qlist_free_all+0x35/0x90
[ 129.020872][ T5231] kasan_quarantine_reduce+0x150/0x160
[ 129.026400][ T5231] __kasan_slab_alloc+0x2f/0xd0
[ 129.031285][ T5231] slab_post_alloc_hook+0x4c/0x380
[ 129.036433][ T5231] kmem_cache_alloc_node+0x12d/0x2d0
[ 129.041835][ T5231] __alloc_skb+0xf4/0x750
[ 129.046199][ T5231] devlink_trap_notify+0x2d/0x160
[ 129.051255][ T5231] devlink_trap_unregister+0xf2/0x270
[ 129.056657][ T5231] devlink_traps_unregister+0x1f6/0x230
[ 129.062316][ T5231] nsim_dev_traps_exit+0x64/0x120
[ 129.067367][ T5231] nsim_dev_reload_destroy+0x1bd/0x240
[ 129.072864][ T5231] nsim_dev_reload_down+0xf9/0x160
[ 129.078005][ T5231]
[ 129.080357][ T5231] Memory state around the buggy address:
[ 129.086012][ T5231] ffff88806ea7bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 129.094095][ T5231] ffff88806ea7bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 129.102191][ T5231] >ffff88806ea7c000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 129.110383][ T5231] ^
[ 129.116907][ T5231] ffff88806ea7c080: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 129.124999][ T5231] ffff88806ea7c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 129.133085][ T5231] ==================================================================
[ 129.141158][ T5231] Disabling lock debugging due to kernel taint
[ 129.164685][ T5231] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 129.171939][ T5231] CPU: 0 PID: 5231 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 129.180558][ T5231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 129.190727][ T5231] Call Trace:
[ 129.194029][ T5231]
[ 129.197062][ T5231] dump_stack_lvl+0x188/0x250
[ 129.201766][ T5231] ? show_regs_print_info+0x20/0x20
[ 129.207094][ T5231] ? load_image+0x400/0x400
[ 129.211659][ T5231] panic+0x2e5/0x810
[ 129.215585][ T5231] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 129.221781][ T5231] ? bpf_jit_dump+0xd0/0xd0
[ 129.226326][ T5231] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 129.232331][ T5231] ? _raw_spin_unlock+0x40/0x40
[ 129.237207][ T5231] ? dtInsertEntry+0xd74/0x1270
[ 129.242201][ T5231] check_panic_on_warn+0x80/0xa0
[ 129.247173][ T5231] ? dtInsertEntry+0xd74/0x1270
[ 129.252050][ T5231] end_report+0x6d/0xf0
[ 129.256304][ T5231] kasan_report+0x102/0x130
[ 129.260835][ T5231] ? dtInsertEntry+0xd74/0x1270
[ 129.265841][ T5231] dtInsertEntry+0xd74/0x1270
[ 129.270564][ T5231] dtSplitPage+0x2501/0x3200
[ 129.275224][ T5231] dtInsert+0xff4/0x5830
[ 129.279502][ T5231] ? lockdep_hardirqs_on+0x94/0x140
[ 129.284748][ T5231] ? UniStrupr+0x2e0/0x2e0
[ 129.289193][ T5231] ? do_raw_spin_lock+0x128/0x2f0
[ 129.294246][ T5231] ? __rwlock_init+0x140/0x140
[ 129.299172][ T5231] jfs_create+0x730/0xad0
[ 129.303539][ T5231] ? jfs_lookup+0x420/0x420
[ 129.308089][ T5231] ? jfs_get_parent+0xa0/0xa0
[ 129.312823][ T5231] ? make_kgid+0x660/0x660
[ 129.317559][ T5231] ? generic_permission+0x230/0x510
[ 129.322873][ T5231] ? inode_permission+0xef/0x480
[ 129.327833][ T5231] ? bpf_lsm_inode_create+0x5/0x10
[ 129.332997][ T5231] ? security_inode_create+0xb3/0x100
[ 129.338402][ T5231] ? jfs_lookup+0x420/0x420
[ 129.342935][ T5231] path_openat+0x11db/0x2fa0
[ 129.347778][ T5231] ? do_filp_open+0x410/0x410
[ 129.352484][ T5231] do_filp_open+0x1e2/0x410
[ 129.357019][ T5231] ? vfs_tmpfile+0x300/0x300
[ 129.361734][ T5231] ? _raw_spin_unlock+0x24/0x40
[ 129.366705][ T5231] ? alloc_fd+0x598/0x630
[ 129.371069][ T5231] do_sys_openat2+0x150/0x4b0
[ 129.375779][ T5231] ? __lock_acquire+0x7d10/0x7d10
[ 129.380842][ T5231] ? do_sys_open+0xe0/0xe0
[ 129.385298][ T5231] ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 129.391312][ T5231] ? lock_chain_count+0x20/0x20
[ 129.396209][ T5231] ? vtime_user_exit+0x2c8/0x3e0
[ 129.401200][ T5231] __x64_sys_openat+0x135/0x160
[ 129.406089][ T5231] do_syscall_64+0x4c/0xa0
[ 129.410537][ T5231] ? clear_bhb_loop+0x30/0x80
[ 129.415242][ T5231] ? clear_bhb_loop+0x30/0x80
[ 129.419956][ T5231] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 129.425887][ T5231] RIP: 0033:0x7f995140def9
[ 129.430322][ T5231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 129.450037][ T5231] RSP: 002b:00007f9950a71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 129.458473][ T5231] RAX: ffffffffffffffda RBX: 00007f9951678fa0 RCX: 00007f995140def9
[ 129.466519][ T5231] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 129.474712][ T5231] RBP: 00007f99514a2ee0 R08: 0000000000000000 R09: 0000000000000000
[ 129.483053][ T5231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 129.491085][ T5231] R13: 00007f9951679038 R14: 00007f9951678fa0 R15: 00007ffe10afe998
[ 129.499267][ T5231]
[ 129.502628][ T5231] Kernel Offset: disabled
[ 129.506974][ T5231] Rebooting in 86400 seconds..